Identify the factors key to successful maintenance and the implementation of this phase.

This is for CMP 610 Project 3

This is a Master’s level course, therefore requires a lot of writing and in-depth answers including an intro and conclusion. Whoever writes this for me I will TIP GENEROUSLY to if they actually put the time and effort into a good essay without one sentence paragraphs like the last person.

Cyber management and policy professionals need to be able to identify software security vulnerabilities and communicate those vulnerabilities to nontechnical policy makers. Whether an organization purchases commercially available software or develops original applications, understanding the vulnerabilities is especially important. Upon completion of this project, you will evaluate relevant vulnerabilities, determine potential costs associated with these vulnerabilities, and recommend the best solution for an organization. You will also develop and present a software maintenance plan, taking into consideration the Supply Chain Risk Management (SCRM) framework. Finally, you will present the recommended solution to a nontechnical audience. This is the third of four sequential projects. There are thirteen steps in this project. Begin by reviewing your project scenario, then proceed to Step 1.

You begin your project with an investigation of supply chain risk management (SCRM). SCRM is the implementation of strategies to manage risks associated with the selection, installation, implementation and use of products with the goal of reducing vulnerabilities and assuring secure operations. It is important to understand SCRM in order to make informed decisions regarding the selection of products.

Review Supply chain risk management concepts and theories.

As you read about SCRM, document the following:

  • SCRM best practices—Identify best practices and successful implementation. Describe supply chain risk management practices and the software risk analysis process.
  • SCRM threats—List and describe supply-chain cybersecurity threats and the technologies and policies that can be used to mitigate the threats.
  • SCRM challenges—Determine the SCRM challenges in your organization given its business and culture and the concerns that John cited during your meeting. Evaluate the various approaches to developing secure code in a cost-effective manner in light of your organization’s Software Assurance needs and expectations, software assurance objectives, and software assurance coding and development plan. You will want to optimize the effectiveness of your software procurement by addressing early on your organization’s information security requirements and risk management in the supply chain germane to your workplace.

You will use this information throughout the project and to help you create the presentation slide deck.

Using the information that you obtained in Step 1, develop a slide deck with a minimum of six slides. John will include these slides in his final presentation to educate his audience on SCRM. These slides should identify the key concepts, considerations, and applicability of SCRM for your organization.

 

Submit the slide deck for feedback.

Now that you understand SCRM, you decide to complete a Software Development Life Cycle assessment. The Software development life cycle (SDLC) is a process used to develop, maintain, replace, and change software. The overall purpose of SDLC is to improve the quality of software through the development and implementation process. (Review Systems Software, Application Software, Software Interaction and Programming if you do not already have a working understanding of these topics.)

 

As part of your assessment, include the following information:

  • Note how various entities are currently utilizing SDLC to implement software.
  • Identify and take note of successful implementations, describing the results.
  • Identify software development methodologies for common software applications and cybersecurity standards organizations.

You will use the information that you gather during this step to complete your SDLC assessment.

In Step 3, you explored SDLC, the ways other organizations are implementing it, and best practices. Now you are ready to guide your own organization through the process of developing software.

 

You start by considering the needs of your organization. Currently, the accounting month-end closing procedures involve extracting data from the accounting database into spreadsheets, running macros within the spreadsheets, uploading new data into the accounting database, and emailing generated spreadsheet reports and word processing memos. Brenda, the Director of Accounting Systems, would like this process automated without putting financial data at risk during or after the implementation. (Review Databases for operational data, Database Management Systems, and How a DBMS works if you do not already have a working understanding of these topics.)

Based on this needs analysis, you decide to focus on the SDLC maintenance phase:

  • Identify the factors key to successful maintenance and the implementation of this phase.
  • Identify potential obstacles to success and ways to anticipate and mitigate them.

You will use the information that you gather during this step to complete your SDLC assessment.

Businesses depend on the safe operations of systems. The level of confidence a business or other entity has that its software is free from vulnerabilities is referred to as Software Assurance (SwA). As the final step before your assessment, research SwA and other topics related to preventing and fixing software vulnerabilities.

 

In your research, make sure to complete the following:

  • Evaluate the major steps, underlying theory, and relative usefulness of software security testing, white box and black box software security testing, the Common Criteria/Common Criteria Evaluation and Validation Scheme (CCEVS), and the Common Criteria (CC) for Information Technology Security Evaluation.
  • Identify and evaluate state and federal cybersecurity policies underlying the application, scope, and selection of secure software development methodologies.
  • Determine when to perform a risk analysis.
  • Evaluate security concerns that arise during the acceptance phase of software development.
  • Describe the testing and validation process from a cybersecurity policy standpoint.
  • Identify the ways in which SwA ensures trustworthiness, predictable execution, and conformance.
  • Identify SwA best practices.
  • Identify innovations in the provision of SwA that you have found in your research.

You will use the information that you gather during this step to complete your SDLC assessment.

Integrating the information that you have gathered in Steps 3, 4, and 5, develop either a five-page summary assessment or a 10-minute video explanation of the software development life cycle, including your view on its importance to software security. This assessment will provide foundational support for your final recommendation.

 

Be sure to do the following:

  • Describe basic models and methodologies of the software development life cycle.
  • Identify a development methodology that fits your organization and explain why.
  • Describe the phases of the software life cycle.
  • List and discuss the security principles you would need to consider and explain how you would apply them throughout the software life cycle.
  • Describe the elements of a maturity model.

Submit your assessment for feedback.

Now that you have completed your research on the SDLC, you are going to look into how to develop the software your organization needs.

 

You decide to consider various software development methodologies. Compare and contrast open source, commercial, and internally developed software methodologies, noting what cybersecurity issues each addresses.

Open source software platforms are widely used and supported, and benefit from communities of creative and innovate thinkers. Learn about the open source development community (accountability and self-policing, development criteria, “ownership”) and the pros and cons of adopting open source platforms for corporate use.

You will use this information to develop your software development matrix.

Develop and submit a one-page matrix that compares and contrasts open source, commercial, and internally developed software development methodologies. Discuss the pros and cons of each to help inform your final recommendation. Consider cost, software assurance needs and expectations, software assurance objectives, and a software assurance coding and development plan.

 

Submit the matrix for feedback.

Whether you are developing or purchasing software, the key to successful software installation and use is a maintenance plan that ensures updates are implemented in a timely manner and that guards against improper uses which could jeopardize the integrity of the software. Using key tenets of the maintenance elements of the SLDC, develop a software maintenance plan. In preparation for the development of your maintenance plan, you will need to do the following:

 

  • Describe the software, the features, and the security improvements.
  • Develop a schedule to implement the recommended software.
  • Identify potential impacts to mission, risks, and likelihood of success.

Using your findings from Step 9, develop and submit a two-page white paper for distribution to the team that will be responsible for implementing the plan. This white paper should do the following:

 

  • Describe the software features.
  • Describe the expected impacts on the mission.
  • Include the implementation schedule.

Submit the white paper to your instructor for review.

you are finally ready to write your recommendation memo. Before you begin, look over your research one more time and evaluate your findings. Identify the software options to consider along with the associated costs and risks of those options. Your options should include procurement, development, and open source.

Now that you have weighed the software options in Step 11, write your memo recommending an approach to software acquisition for the organization. Address it to procurement, with coordination through the chief information officer. This memo will educate leadership on the importance of making the right software decisions for the organization, so the memo will describe the software development life cycle (SDLC) and its applicability to the current needs of your organization. The two-page memorandum should accomplish the following:

 

  • Articulate the software needs of the organization.
  • Identify the software options that best meet the organization’s needs.
  • Make a recommendation for your organization supported by a rationale.
  • Describe the key attributes of the software development life cycle (SDLC).
  • Describe the weaknesses of commonly used software (word processing, spreadsheets, email platforms).
  • Identify any known risks of your recommendation and describe supply chain risk management your organization could implement.
  • Detail the costs involved in your recommendation.
  • Cite contract language that would be used to ensure that supply chain, system, network, and operational security were met.

Submit the memo to your instructor for review.

Assuming that the CEO approves your recommendation, you will be tasked with implementing the software development. The new software will result in some changes for the accounting department, and you need to alert them to what they can expect, and what you as the CISO expect of them in order to keep the information and networks of your organization secure.

 

  • Identify the change management and patch management (software maintenance) required for the solutions you have recommended. Include behavioral changes as well as technical changes.
  • Develop an email communication from you to the workforce that alerts the workforce to the coming changes, explains the rationale for them, and tells them what they should expect as the new solutions are being implemented. Give them any information on potential work disruptions and also provide steps they should take to report issues or to get assistance during the transition.

Submit the email for review.

 

</pstyle=”box-sizing:></pstyle=”box-sizing:></pstyle=”box-sizing:></pstyle=”box-sizing:></pstyle=”box-sizing:></pstyle=”box-sizing:></pstyle=”box-sizing:></pstyle=”box-sizing:></pstyle=”box-sizing:></pstyle=”box-sizing:></pstyle=”box-sizing:>

find the cost of your paper

Complete independent research and review two (2) to three (3) online end-user license agreements.

Complete independent research and review two (2) to three (3) online end-user license agreements. Compare and contrast each EULA with each other. In your response, please consider the following: ·….

Write a SQL query that identifies the number of prescriptions grouped by drug name.

ALY6030 Final Project Assignment – Pharmacy Claims Due End of Week 6 Background: The excel file “ALY 6030 Final Project Data Set.xlsx” contains sample pharmacy claims for made-up members of….

Create a JavaFX program to allow a user to query the Northwind database.

Create a JavaFX program to allow a user to query the Northwind database. You should be able to perform the following functionality using the program:   Print order total (not….